ROK Chemical Accident Response Information System Breached

[Potemkin]

--South Korean Chemical Accident Response Information System Breached (October 19, 2009) Attackers reportedly obtained a password for South Korea's Chemical Accident Response Information System (CARIS) in March and used it to access the system and steal information about manufacturers of toxic chemicals and about toxic substances. The source of the attack has not been determined.

http://english.chosun.com/site/data/...101900826.html
http://english.chosun.com/site/data/...101900401.html


Korea's Cyber Security Is Fraying at the Seams

The Monthly Chosun reports that a certified password to the Chemical Accident Response Information System (CARIS) set up by the National Institute of Environmental Research (NIER) was stolen by hackers on March 5 from a computer used by an officer at South Korean Army command. The hackers used the password to infiltrate CARIS and stole the names and addresses of around 700 manufacturers of toxic chemicals, as well as information about 1,350 types of chemical substances.

CARIS monitors information about toxic chemicals such as acetone, alcohol, paint thinner and other organic solvents, sulphuric acid, hydrochloric acid and benzene and heavy metals including lead, mercury and cadmium, all of which can be fatal if they get into the atmosphere or water. The information about the manufacturers could be used by North Korea as target "coordinates" for missiles and rocket launchers aimed at the South, and South Korean intelligence officials believe the attack was committed by a North Korean hacking unit.

The official Internet system used by the South Korean military has a read-only function, and warnings pop up if external memory devices are used. High-capacity files cannot be installed, and e-mail use is limited as well. Yet the information was stolen from a high-ranking military officer. If North Korean hackers are capable of infiltrating our military network and stealing classified information, they may be capable of changing or mixing up important data. When Russia invaded Georgia in September 2008, it immobilized Georgia's financial and air traffic networks. During its invasion of Iraq, the United States used computer viruses to paralyze its air defense.

It is difficult to determine where cyber attacks are coming from and who is behind them. During the distributed denial of service attacks in July on the websites of the Korean government, banks and media, it was impossible to find evidence tracing them to North Korean hackers. If there is a means of delivering a fatal attack against a target without exposing one’s identity, many people may be attracted to such technology.

In March last year, the U.S. Department of Homeland Security held an exercise called "Cyber Storm" involving simulated computer attacks against the country's chemical plants, railroads, oil and gas facilities in which 2,500 computer experts from the U.S., Australia, New Zealand and the U.K. took part. It shows just how much importance the U.S. government places on cyber security.

Korea has one of the most advanced Internet systems in the world. That means it could also suffer the most in the event of a cyber or terror attack. The government has kept mum about the hacking incident. Officials were probably worried about protecting classified information. But it raises suspicions that this is not the first time that the military computer network has been breached, and the public is worried whether there is a comprehensive response to such cyber attacks. The government must come up with a security plan that the public can trust.